os_packages_pam_ccreds: 'libpam-ccreds' os_packages_pam_passwdqc: 'libpam-passwdqc' os_packages_pam_cracklib: 'libpam-cracklib' passwdqc_path: '/usr/share/pam-configs/passwdqc' tally2_path: '/usr/share/pam-configs/tally2' os_nologin_shell_path: '/usr/sbin/nologin' auditd_package: 'auditd' modprobe_package: 'kmod' # Different distros use different standards for /etc/shadow perms, e.g. # RHEL derivatives use root:root 0000, whereas Debian-based use root:shadow 0640. # You must provide key/value pairs for owner, group, and mode if overriding. os_shadow_perms: owner: root group: shadow mode: '0640' os_passwd_perms: owner: root group: root mode: '0644' os_env_umask: '027' os_auth_uid_min: 1000 os_auth_gid_min: 1000 os_auth_sys_uid_min: 100 os_auth_sys_uid_max: 999 os_auth_sys_gid_min: 100 os_auth_sys_gid_max: 999